No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE20E-S2 V800R010C10SPC500 Configuration Guide - Security 01

This is NE20E-S2 V800R010C10SPC500 Configuration Guide - Security
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
(Optional) Configuring the IKE Peer Detection Function

(Optional) Configuring the IKE Peer Detection Function

The IKE peer detection function is used to detect invalid IKE peers to avoid black holes due to unreachable SA peers that can discard data flows.

Context

Dead Peer Detection (DPD), as an alternative IKE keepalive mechanism, can minimize the number of messages used to detect peer state by using IPsec traffic. The DPD mechanism does not use the periodic message sending mechanism.

Procedure

  • Run system-view

    The system view is displayed.

  • Run ike dpd interval check-interval [ retry-interval ] or ike dpd [ on-demand ] check-interval [ retry-interval ] [ immediately

    The DPD function is configured.

    • If interval is specified, the DPD function works in periodic mode. Within the period specified by check-interval, if the local end does not receive any traffic from the peer end, the local end periodically sends DPD packets.

    • If on-demand is specified, the DPD function works in On-demand mode. Within the period specified by check-interval, if the local end does not receive any traffic from the peer end, the local end sends a DPD packet.

    • If interval or on-demand is not specified, the DPD function works in On-demand mode.

  • Run commit

    The configuration is committed.

Translation
Download
Updated: 2019-01-02

Document ID: EDOC1100055397

Views: 20321

Downloads: 39

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next